Top 5 - SWDI Training Tips

Recently I had a chance to sit in on the Scalable WLAN Design and Implementation (SWDI) training. SWDI builds on knowledge gained from the Implementing Aruba WLANs course. The course help you understand firewall features such as policy design, authentication and role derivation. It also covers remote access and multi controller configurations.. Below are 5 of the top tip I received from the training.

#5 – Product Knowledge

One of the first topics covered in the course was architecture. One of the topics in the architecture discussion was knowledge of the Aruba product. The knowledge will help you plan for future scaling of the network. For instance, if you design a new network around a 620 with 7 AP you are fine in the sense that you limits are higher than you current need. What happens when you add on to the network and need to add just 2 more APs, you will also need to upgrade the controller.

#4 - RAP Forwarding Modes

A RAP has to make a connection back to the controller in order to get access to the corporate network. This can be accomplished 3 ways, tunnel mode, bridge, and split tunnel. The course helps understand the differences in the three and helps you understand when and where to use each.

#3 – Master Controller Responsibilities

The SWDI training explained why It is a very good idea to employ master redundancy in you network. It wasn’t the argument for the spare tire in your car “It’s nice to have an extra in case you need it”. Rather it explained the various responsibilities of a master controller and the good that will come from having a redundant master in you network.

#2 – Aruba Mobility

SWDI thoroughly explained mobility in many different scenarios. The walked you through the process involved in the L2, L3, Single Controller, and Multi-Controller mobility. It explained the need for a mobility domain to define limits on the roaming abilities of the clients.

#1 – Wired Access Control

One thing this course highlighted to me was port security. I mean the wired kind. We strive to design the most reliable and secure wireless network possible. We encrypt wireless traffic, use 802.1X authentication, and design complex policies. The thing I didn’t remember was port security. After all the design work on a super secure wireless network, all a person has to simply plug directly into a port on the controller and their on the network. There goes all you many hours out the window. So from now on I will beware of the wire and have the ports covered.